4193 matches found

RedHat Linux
added 2017/07/05 9:26 a.m., 5 views

bind: An error in TSIG authentication can permit unauthorized zone transfers

A flaw was found in the way BIND handled TSIG authentication of AXFR requests. A remote attacker, able to communicate with an authoritative BIND server, could use this flaw to view the entire contents of a zone by sending a specially constructed request packet...

CVSS 5.3 | AI score 7.2 | EPSS 0.054
Exploits: 0 | References: 5

RedHat Linux
added 2017/07/05 9:16 a.m., 12 views

bind: An error in TSIG authentication can permit unauthorized dynamic updates

A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG0 signature for a dynamic update request...

CVSS 7.5 | AI score 7.2 | EPSS 0.18299
Exploits: 1 | References: 5

Tenable Nessus
added 2017/07/05 12:0 a.m., 73 views

ISC BIND 9 < 9.9.10-P2 / 9.9.10-S3 / 9.10.5-P2 / 9.10.5-S3 / 9.11.1-P2 Multiple Vulnerabilities

According to its self-reported version, the instance of ISC BIND 9 running on the remote name server is 9.9.x prior to 9.9.10-P2 or 9.9.10-S3, 9.10.x prior to 9.10.5-P2 or 9.10.5-S3, or 9.11.x prior to 9.11.1-P2. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the...

CVSS 7.5 | AI score 6.6 | EPSS 0.18299
Exploits: 1 | References: 9

OSV
added 2017/06/29 10:18 p.m., 2 views

USN-3346-1 bind9 vulnerabilities

Clément Berthaux discovered that Bind did not correctly check TSIG authentication for zone update requests. An attacker could use this to improperly perform zone updates. CVE-2017-3143 Clément Berthaux discovered that Bind did not correctly check TSIG authentication for zone transfer requests. An...

CVSS 7.5 | AI score 6.7 | EPSS 0.18299
Exploits: 1 | References: 3

Tenable Nessus
added 2017/06/15 12:0 a.m., 31 views

SUSE SLED12 / SLES12 Security Update : openldap2 (SUSE-SU-2017:1567-1)

This update for openldap2 fixes the following issues: Security issues fixed : - CVE-2017-9287: A double free vulnerability in the mdb backend during search with page size 0 was fixed bsc1041764 Non security bugs fixed : - Let OpenLDAP read system-wide certificates by default and don't hide the...

CVSS 6.5 | AI score 6.7 | EPSS 0.07143
Exploits: 1 | References: 7

OSV
added 2017/06/14 2:33 p.m., 5 views

SUSE-SU-2017:1567-1 Security update for openldap2

This update for openldap2 fixes the following issues: Security issues fixed: - CVE-2017-9287: A double free vulnerability in the mdb backend during search with page size 0 was fixed bsc1041764 Non security bugs fixed: - Let OpenLDAP read system-wide certificates by default and don't hide the erro...

CVSS 6.5 | AI score 6.8 | EPSS 0.07143
Exploits: 1 | References: 6

CNVD
added 2017/05/26 12:0 a.m., 4 views

Multiple Asterisk Products 'PJSIP Transaction Layer' Heap Buffer Overflow Vulnerability

Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange (PBX) system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response (IVR). The PJSIP used in Digium Asterisk Open Source...

CVSS 7.5 | AI score 7 | EPSS 0.03989
Exploits: 0 | References: 1

Tenable Nessus
added 2017/05/22 12:0 a.m., 13 views

FreeBSD : asterisk -- Buffer Overrun in PJSIP transaction layer (0537afa3-3ce0-11e7-bf9d-001999f8d30b)

The Asterisk project reports : A remote crash can be triggered by sending a SIP packet to Asterisk with a specially crafted CSeq header and a Via header with no branch parameter. The issue is that the PJSIP RFC 2543 transaction key generation algorithm does not allocate a large enough buffer. By...

AI score 5.7
Exploits: 0 | References: 3

Tenable Nessus
added 2017/05/04 12:0 a.m., 77 views

OracleVM 3.4 : xen (OVMSA-2017-0094)

The remote OracleVM system is missing necessary patches to address critical security updates : - BUILDINFO: xen commit=8ee9cbea8e71c968e602d5b4974601d283d61d28 - BUILDINFO: QEMU upstream commit=fcd17fdf18b95a9e408acc84f6d2b37cf3fc0335 - BUILDINFO: QEMU traditional...

CVSS 8.2 | AI score 7.6 | EPSS 0.01569
Exploits: 2 | References: 2

Veracode
added 2017/05/03 6:27 a.m., 10 views

Denial Of Service

github.com/btcsuite/btcd is vulnerable to denial of service (DoS) attacks. A malicious user can cause the system to hang by sending multiple fake transactions because the system does not check if the transaction signature is valid...

AI score 6.5
Exploits: 0

RedHat Linux
added 2017/04/21 12:49 a.m., 4 views

Mozilla: Use-after-free during transaction processing in the editor (MFSA 2017-11, MFSA 2017-12)

A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

CVSS 9.8 | AI score 7.3 | EPSS 0.0318
Exploits: 0 | References: 5

Metasploit
added 2017/04/20 9:3 p.m., 126 views

MS17-010 SMB RCE Detection

Uses information disclosure to determine if MS17-010 has been patched or not. Specifically, it connects to the IPC$ tree and attempts a transaction on FID 0. If the status returned is "STATUS_INSUFF_SERVER_RESOURCES", the machine does not have the MS17-010 patch. If the machine is missing the MS17-0...

CVSS 8.8 | AI score 8.4 | EPSS 0.99693
Exploits: 93

RedHat Linux
added 2017/04/20 8:21 a.m., 3 views

Mozilla: Use-after-free during transaction processing in the editor (MFSA 2017-11, MFSA 2017-12)

A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

CVSS 9.8 | AI score 7.3 | EPSS 0.0318
Exploits: 0 | References: 5

CNVD
added 2017/04/20 12:0 a.m., 1 views

Multiple IBM Products Session Identifier Vulnerabilities

IBM Financial Transaction Manager (FTM) for ACH Services, among others, is a financial transaction manager product from IBM Corporation in the United States, which is used to monitor, track and report on financial payments and transactions. A security vulnerability exists in a number of IBM product...

CVSS 4.3 | AI score 6.7 | EPSS 0.00604
Exploits: 0 | References: 1

OSV
added 2017/04/20 12:0 a.m., 3 views

UBUNTU-CVE-2017-5435

A use-after-free vulnerability occurs during transaction processing in the editor during design mode interactions. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.1, Firefox ESR 45.9, Firefox ESR 52.1, and Firefox 53...

CVSS 9.8 | AI score 7.3 | EPSS 0.0318
Exploits: 0 | References: 5

NVD
added 2017/04/17 9:59 p.m., 22 views

CVE-2017-1160

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

CVSS 5.4 | AI score 5.2 | EPSS 0.00538
Exploits: 0 | References: 2

Prion
added 2017/04/17 9:59 p.m., 18 views

Cross site scripting

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

CVSS 3.5 | AI score 5.2 | EPSS 0.00538
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2017/04/17 9:0 p.m., 50 views

CVE-2017-1160

CVE-2017-1160 concerns cross-site scripting in IBM Financial Transaction Manager products. IBM’s Security Bulletin pages (for CPS, ACH, and CPS/Multi-Platform variants) document a Web UI XSS vulnerability that could allow an attacker to inject JavaScript in a trusted session, potentially exposing...

CVSS 5.4 | AI score 5.2 | EPSS 0.00538
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2017/04/17 9:0 p.m., 23 views

CVE-2017-1160

IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.0.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a...

AI score 5.2 | EPSS 0.00538
Exploits: 0 | References: 2

Exploit DB
added 2017/04/17 12:0 a.m., 1498 views

Microsoft Windows - SMB Remote Code Execution Scanner (MS17-010) (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework auxiliary/scanner/smb/smbms17010 require 'msf/core' class MetasploitModule 'MS17-010 SMB RCE Detection', 'Description' = %q Uses information disclosure to determine if...

AI score 7.4
Exploits: 0